I'm not exactly sure what is wrong

Re run Hitman and have it delete Potential Unwanted Programs.

Uninstall the below.

• Self-service Plug-in
• ShopAtHome.com Helper
• ShopAtHome.com Toolbar
• DefaultTab
• Ask Toolbar

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

Let us know of any problems you may have encountered with the above instructions and also let me know how things are running now!

 

All of the below still show as being installed, so I would like for you to use Revo Uninstaller to see if it will detect them and uninstall them.

• Ask Toolbar
• Self-service Plug-in
• ShopAtHome.com Helper

Please disable all anti-virus and anti-spyware programs while we do the following (re-enable when you are finished):

Run C:\MGtools\analyse.exe by double clicking on it (Note: if using Vista, don't double click, use right click and select Run As Administrator). This is really HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

• R3 - URLSearchHook: (no name) - {ece24dcf-8548-4655-b392-47a388721482} - (no file)
• O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
• O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
• O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (file missing)
• O3 - Toolbar: Somoto Toolbar - {652853ad-5592-4231-88c6-706613a52e61} - C:\Program Files (x86)\somototoolbar\vmntemplateX.dll (file missing)
• O3 - Toolbar: ShopAtHome.com Toolbar - {311B58DC-A4DC-4B04-B1B5-60299AD3D803} - C:\Users\Michelle\AppData\Roaming\ShopAtHome\ShopAtHomeToolbar\tbcore3U.dll (file missing)
• O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
• O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"

After clicking Fix exit HJT.


Delete these
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\Ask.com


And if this file is visible, please delete that too:
C:\Windows\system32\WindowsCodecs.dll
...and let me know.


http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool to your desktop.

• Please save the work in your browsers before proceeding.
• Double-click JRT.exe to run (Vista/7 right-click and select Run as Administrator)
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Please attach JRT.txt to your next message. (See: HOW TO: Attach Items To Your Post )

I know it will not remove anything, but re run Hitman again, I want to see what's left.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

 

OK, this file should not be deleted. WindowsCodecs.dll

Little bit left to do here and then you may have to go onto the software forum afterwards.


Download and run OTM.

Download OTM by Old Timer and save it to your Desktop.

• Right-click OTM.exe And select " Run as administrator " to run it.
• Paste the following code under the http://farm3.static.flickr.com/2455/4173556815_a721a91733_o.png area. Do not include the word Code.

Code:

:Files
C:\Users\Michelle\Local Settings\Temp\AskSearch
C:\Program Files (x86)\Common Files\Spigot
C:\Program Files (x86)\Ask.com

:reg
[-HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]
[-HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}]
[-HKU\S-1-5-21-1721611782-460635201-2206628158-1005\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}]

:Commands
[emptytemp]
[Reboot]

• Return to OTM, right click in the Paste List of Files/Folders to Move window (under the yellow bar) and choose Paste.
• Push the large http://farm3.static.flickr.com/2782/4174320048_f01c448b32_o.png button.
• OTM may ask to reboot the machine. Please do so if asked.
• Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document into a text file and attach it here in your next post.

Rescan with Hitman again and attach log.

Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this.

Let us know of any problems you may have encountered with the above instructions and also let me know how things are running now!

 

Excellent. The file was deleted, replaced by Windows, and all is well. No junk left to remove either.

If you are not having any other malware problems, it is time to do our final steps:

1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
   • Press and hold the Windows key http://forums.majorgeeks.com/chaslang/images/Windows_Logo_key.gif and then press the letter R on your keyboard. This opens the Run dialog box.
   • Copy and paste the below into the Run box and then click OK. Note the quotes are required
   • "%userprofile%\Desktop\combofix" /uninstall
     • Notes: The space between the combofix and the /uninstall, it must be there.
     • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
3. Renable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
5. If running Vista, Win 7 or Win 8, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
6. Now goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
7. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others) and running MGclean.bat did not remove them, you can delete these files now.
8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
9. If you are running Win 8, Win 7, Vista, Windows XP or Windows ME, do the below to flush restore points:
   • Refer to the instructions for your WIndows version in this link: Disable And Enable System Restore​
   • What we want you to do is to first disable System Restore to flush restore points some of which could be infected.
   • Then we want you to Enable System Restore to create a new clean Restore Point.
10. After doing the above, you should work thru the below link:
    • How to Protect yourself from malware!

 

You are most welcome.